Programmer Humor

19149 readers

1225 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

Keep content in english
No advertisements
Posts must be related to programming or programmer topics

founded 1 year ago

MODERATORS

[email protected]

970

Life Hack (lemm.ee)

submitted 5 months ago by [email protected] to c/[email protected]

127 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 10 points 5 months ago (1 children)

Every modern database library automatically protects against SQL injection,

No. Every modern library allows using prepared statements, but very few (of any) force using them. If the developer doesn't use them the libraries won't do shit to protect you.

[–] [email protected] -1 points 5 months ago* (last edited 5 months ago) (1 children)

What I meant is that not many people write raw SQL in product code any more, other than for analytical purposes (which are often in a system like Apache Airflow rather than in product code). ORM systems have mostly taken over except for cases where you really need raw SQL for whatever reason.

[–] [email protected] 2 points 5 months ago

Practically every dev learnt SQL and it's really easy to put hands crafted SQL in code so it's an easy mistake to make